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Art Unit: 2134 

(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial proceedings which will 
directly affect or be directly affected by or have a bearing on the Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection contained in the brief is 

correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 
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2003/0188198 
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1-2003 
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(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

Claim Rejections - 35 USC §103 
Claims 1, 3-9, 11, 12, 15, 17, and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
in view of Cathey US 2002/0085560 in view of Holdsworth US 2003/0188198 

As per claim 1, Cathey teaches determining a plurality of rules (packet classification), each of at least a 
subset of the rules having a plurality of fields (extracted fields of header data) and a corresponding 
action (identify application programs to execute); and processing the rules to generate a multi-level tree 
representation (classification logic is configured as a decision tree), (Fig 5B, [0052], [0061], [0063]). 
Cathey teaches each of one or more of the levels of the tree representation being associated with a 
corresponding one of the fields (level one associated with source address, level two associate with 
destination address) [0063]. Cathey teaches at least one level of the tree representation other than a root 
level of the tree representation comprises a plurality of nodes (Header Check 2, Fig 5B, [0063], Cathey 
teaches at least two of the nodes at that level each comparing header data associated therewith (header 
check 2 checks Internet Protocol Destination Address and compares to predefined data, and address 
tables),([0063], [0067], [0078]). 

Cathey fails to teach access control lists or explicitly state separate matching tables. 
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Holdsworth teaches access control lists and separate matching tables (each node may have its own acl) 
[0048]. 

It would have been obvious to one of ordinary skill in the art to use the ACL of Holdsworth with the 
decision levels and fields of Cathey because it allows security and access control to be performed to 
enhance network safety. 

As per claim 3, Cathey teaches the plurality of fields comprises at least first and second fields, the first 
field comprising a source address field and the second field comprising a destination address field 
[0063]. 

As per claim 4, Cathey teaches a final level of the tree representation comprises a plurality of leaf nodes 
(packet classification), each associated with one of the actions (choosing an application) of the plurality 
of rules (Fig 5B, [0063], [0083]). 

As per claim 5, Cathey teaches the root level of the tree representation includes a plurality of field 
values, each corresponding to a distinct source address in a first field of the plurality of rules (header 
check 1 at the rood may include a source address, compared to predefined source address table, ([0063] 
[0076]). 

As per claim 6, Cathey teaches a second level of the tree representation includes a plurality of nodes, 
each being associated with a subtree of a given one of the distinct source addresses of the root level of 
the tree (Fig 5B, [0063]). 

As per claim 7. Cathey teaches a given one of the second level subtrees identifies one or more 
destination addresses to be examined if the corresponding root level source address matches a source 
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address of a given received packet, (header check 2 at the node may include a destination address, (Fig 
5B [0063]). 

As per claim 8. Holdsworth teaches a matching table at a given level of the tree representation other than 
a root level of the tree representation comprises at least a portion of a subtree identified by a particular 
field value from an immediately previous level (nodes may inherit parent ACL lists) [0058]. 

As per claim 9. Cathey teaches the tree representation is generated by associating a first node at the root 
level with a given value in a first field (source address) of one of the plurality of rules (packet 
classification), and then processing remaining field values (destination address) sequentially, with each 
value in turn being compared to one or more existing values (predetermined information) at the 
appropriate node(s) of the tree representation to determine if a match exists, and associating that value 
with a matching table (address table) at one of the nodes of the tree representation based at least in part 
on the determination (Fig 5B, [0063], [0067], [0078]. 

As per claim 1 1 . Holdsworth teaches the corresponding actions include at least an accept action and a 
deny action (allow, deny) [0051]. 

As per claim 12, Cathey teaches the step of storing at least a portion of the tree representation in 
memory circuitry accessible to the processor (stored in IRAM connected to packet classification engine) 
[0030]. 

As per claims 15, and 20 Cathey teaches a processor having memory circuitry associated therewith; the 
memory circuitry being configured for storing at least a portion of a multi-level tree representation 
(stored in IRAM connected to packet classification engine) [0030]. 
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Cathey teaches each of one or more of the levels of the tree representation being associated with a 
corresponding one of the fields; (extracted fields of header data). Cathey teaches the processor being 
operative to utilize the stored tree representation to perform a function (classify) [0030]. Cathey teaches 
at least one level of the tree representation other than a root level of the tree representation comprises a 
plurality of nodes, (Header Check 2, Fig 5B, [0063] Cathey teaches at least two of the nodes at that level 
each having a separate matching table associated therewith (header check 2 checks Internet Protocol 
Destination Address and compares to predefined data, and address tables),([0063], [0067], [0078]). 

Cathey fails to teach access control lists or explicitly state separate matching tables. 

Holdsworth teaches access control lists and separate matching tables (each node may have its own acl) 
[0048]. 

It would have been obvious to one of ordinary skill in the art to use the ACL of Holdsworth with the 
decision levels and fields of Cathey because it allows security and access control to be performed to 
enhance network safety. 

As per claim 17. Cathey teaches the memory may be integrated with the classification engine on a 
controller [0040]. 

Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over in view of Cathey US 
2002/0085560 in view of Holdsworth US 2003/0188198 in view of Miller US 2003/0005146 



As per claim 2, the previous Cathey-Holdsworth combination does not teach longest prefix matching. 
Miller teaches using the longest prefix matching (LPM) method, [0031]. 
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It would have been obvious to one of ordinary skill in the art to use the LPM method of miller with the 
system of Cathey-Holdsworth to improve matching efficiency, [0015]. 

Claims 10, 13, 14, 16, 18, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over in 
view of Cathey US 2002/0085560 in view of Holdsworth US 2003/0188198 in view of Gai US 
6,651,096. 

As per As per claim 10, the previous Cathey-Holdsworth combination does not teach each of at least a 
subset of the nodes of the tree representation having values in the matching table are arranged in order of 
decreasing specificity. 

Gai teaches each of at least a subset of the nodes of the tree representation having a separate matching 
table associated therewith, values in the matching table are arranged in order of decreasing specificity ( 
wildcards increase down the list) (Fig 5 A Source Address). 

It would have been obvious to one of ordinary skill in the art to use the list of Gai with the system of 
Cathey-Holdsworth in order to filter in order of desire. 

As per claim 13, the previous Cathey-Holdsworth combination does not teach the hardware and CPU 
used in implementing an ACL. 

Gai teaches the step of utilizing the stored tree representation to perform an access control list based 
function in the processor (teaches using ACL stored in CAM with CPU) (Col 4 lines 10-25). 

It would have been obvious to one of ordinary skill in the art to use the hardware of Gai with the system 
of Cathey-Holdsworth because a CPU is necessary to implement software. 



Application/Control Number: 10/723,150 Page 8 

Art Unit: 2134 

As per claim 14. Gai teaches the access control list based function comprises packet filtering (receipt 
and action for packet) (Col 4 lines 30-36). 

As per claim 16. Gai teaches the access control list based function comprises packet filtering (receipt 
and action for packet) (Col 4 lines 30-36). 

As per claim 18, Gai teaches the processor comprises a network processor (intermediate network device 
CPU) (Col 4 lines 7-10). 

As per claim 19. Gai teaches the processor comprises an integrated circuit (CPU) (Col 4 lines 7-10). 

(10) Response to Argument 

As per claims 1, 3-5, 8, 11, 12, 15, 17, and 20, 

Appellant argues that the collective teachings of Cathey and Holdsworth do not meet the limitations as 
taught in claim 1 . Appellant argues that Holdsworth does not teach or suggest a multilevel tree representation 
of an ACL because Holdsworth discloses each message topic in a tree corresponds to a different topic with an 
associated ACL. Appellant asserts that Holdsworth does not teach a multilevel tree ACL, but uses a separate 
ACL for each node of message topics. Appellant rejects the examiners previous argument that Holdsworth is 
not relied of for an ACL tree but only for ACL's and matching tables. 

Examiner contends that first, as stated in the previous rejections, Cathey is the reference relied upon for 
the multilevel tree representation of an ACL (Figure 5B). Cathey does not explicitly state "ACL" or "matching 
table" so Holdsworth has been paired with Cathey to explicitly teach said ACL, and matching table. However, 
alternately, Holdsworth does teach that the Access Control Lists are multi-level associated by subject. 
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Holdsworth teaches a tree structure with multiple nodes and separate matching tables. Holdsworth teaches that 
the ACL's may have a hierarchy, where the child node inherits the properties of the parent ACL [0048], [0051], 
[0058]. Thus Holdsworth teaches a multilevel tree access control list. When one travels down the tree by 
subject each individual ACL contributes to an overall access control structure, and thus Holdsworth meets the 
claim limitations of claim 1 . 

Appellant argues that the ACL of Holdsworth is incompatible with the packet processor of Cathey 
because the decision tree of Cathey forms a single ACL. Appellanat argues that with reference to Figure 5B 
that Cathey only has a single branching at each node, and thus none of the nodes have separate matching tables. 

Examiner counters that Cathey does not explicitly teach "matching tables" but does compare header 
information to prestored information [0067], [0073], [0078]. Examiner is unclear how Cathey is not compatible 
with Holdsworth because both teach comparing data at each branch. Both Cathey and Holdsworth have a 
"plurality of nodes" that is not at the root node. Figure 5B shows 352, and 354, which are comparing 
information. Holdsworth is relied on for the "separate matching tables". Cathey merely teaches that each 
branch compares information in order to classify a packet. 

Appellant argues that the motivational statement to combine Cathey and Holdsworth is not sufficient, 
and one of ordinary skill in the art would not look to combine the references. 

The examiner disagrees that one of ordinary skill in the art would not look to combine Cathey and 
Holdsworth. Both references are of the art of network security, Cathey is packet filtering, and Holdsworth in 
Access Control. It would have been obvious for one of ordinary skill to use the header information decision 
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tree of Cathey and the ACL of Holdsworth. The combination allows the decision tree to safely classify packets 
by comparing incoming packets with ACL data. 

As per claim 6, 

As per claim 6, Appellant argues Cathey figure 5B does not disclose a node associate with a subtree 
given on of a number of source addresses as stated in claim 6. 

Examiner points to Cathey figure 5B and has interpreted the claim in the broadest reasonable manner. 
The second level (352) of Figure 5B is "associated" (connected to) a subtree (354) of a given one of a distinct 
source of the root level (source checked at 350, decision made). After the source address is checked at 350, 
that particular distinct address is classified according to the decision logic of the invention and sorted down to 
the subtree [0063]. 

As per claim 7 

As per claim 7, Appellant argues that Cathey figure 5B does not show a given subtree and claim 7 as 

stated. 

Examiner again points to Cathey figure 5B. The second level (352) examines, or identifies destination 
addresses in the header that are matched to prestored data [0063]. Any data that makes it to one branch of the 
second level has already been sorted from a source address in level one. 

As per claim 9, 

As per claim 9, Appellant argues that Cathey does not teach how the decision tree is generated or using 
the tree for sequential processing of values with matching tables [0030]. 
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Examiner points to Cathey and Holdsworth. Cathey generates the decision tree based on packed 
classification logic and rules, using a packet classification engine [0030]. After the packet enters the tree it is 
classified by source and destination, sequentially down the tree until it is ultimately classified. Holdsworth 
provides the teaching of matching tables for the levels of Cathey as previously argued, thus the ACL tree is 
generated. 

As per claim 2, 

As per claim 2, Appellant argue as stated in previous arguments with regards to claim 1, that Cathey and 
Holdsworth fail to teach at least two nodes with matching tables and thus cannot teach longest prefix matching 
tables. Appellant asserts that Miller also fails to meet claim 2's limitations. 

Examiner has argued previously with regard to claim 1 , that Cathey and Holdsworth do teach a plurality 
of nodes with separate matching tables. Miller is relied upon to implement a longest prefix matching. 

As per claim 10, 

As per claim 10, Appellant asserts that the claim limitations are not met because the source field is the 
root node of Cathey. Appellant argues that Gai's teaching of decreasing wildcards relate to a source address, 
and the root node, but claim 10 relates to non-root levels, thus the combination does not meet the limitations of 
claim 10. 

Examiner does not rely on Gai to teach a source address, as the appellant argues but that matching tables 
are arranged in order of decreasing specificity. Gai does illustrate such a table as a source address table, 
however, the examiner is using the principle of sorting as taught by Gai, and not the actual source address. Gai 
does not relate to a root node of Cathey, as the applicant asserts. 
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As per claims 13, 14, 18, and 19 

Appellant asserts that claims 13, 14, 18, and 19 are allowable based on the arguments previously stated 

above. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the Related Appeals and 
Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 

Respectfully submitted, 

Christopher J. Brown /Christopher J Brown/ 

Conferees: 
/KimYen Vu/ 

Supervisory Patent Examiner, Art Unit 2135 
/Kambiz Zand/ 

Supervisory Patent Examiner, Art Unit 2134 



